Friday, June 22. 2007
OpenStreetMap looking into the future
On osm-dev, there was a discussion how to name the download location for the whole data. Some people seem to think forward:
»Since there is more than one planet, and someone might want to map the canals of Mars one day, I think we should call our planet by its proper name. +1 for earth.«
(now, the real reason is that there was discussion about having a planet osm for blog aggregation)
»Since there is more than one planet, and someone might want to map the canals of Mars one day, I think we should call our planet by its proper name. +1 for earth.«
(now, the real reason is that there was discussion about having a planet osm for blog aggregation)
Sunday, June 17. 2007
How good security works
I recently wrote that I'm sometimes a bit unhappy how security issues are handled in free software project.
Now, to have some contrast, today I'll talk about an example how to do it right. Serendipity, the software I'm using to host this blog, had an SQL injection vulnerability. On the same day, they announced it and provide updated packages. The finder of the vulnerability is also mentioned. Now, it is only able to get password-hashes, many other projects probably would've treated this vulnerability as »low-impact« or something like that.
But beside that, they also provide some tipps how to check if the vulnerability has already been exploitet and suggest to change user passwords.
A while back, there was another vulnerability reported in serendipity. The authors said they don't think that it's really a vulnerability and it probably can't be used for anything evil. But anyway, an update was released and announced just to be sure.
Now, that's good security-work. The fact that serendipity has very few vulnerabilities at all already is very good. The fact they treat the few ones proper is even better. Some other projects should have a look at that.
Now, to have some contrast, today I'll talk about an example how to do it right. Serendipity, the software I'm using to host this blog, had an SQL injection vulnerability. On the same day, they announced it and provide updated packages. The finder of the vulnerability is also mentioned. Now, it is only able to get password-hashes, many other projects probably would've treated this vulnerability as »low-impact« or something like that.
But beside that, they also provide some tipps how to check if the vulnerability has already been exploitet and suggest to change user passwords.
A while back, there was another vulnerability reported in serendipity. The authors said they don't think that it's really a vulnerability and it probably can't be used for anything evil. But anyway, an update was released and announced just to be sure.
Now, that's good security-work. The fact that serendipity has very few vulnerabilities at all already is very good. The fact they treat the few ones proper is even better. Some other projects should have a look at that.
Posted by Hanno Böck
in Code, English, Gentoo, Linux, Security, Webdesign
at
23:51
| Comment (1)
| Trackbacks (0)
Thursday, June 14. 2007
Pictures of G8-Protest in Heiligendamm

Due to some damn circumstances, I deleted a bunch of images. Some of them could be restored (using the great rescue-suite sleuthkit - not really easy to use, but powerful).
Some more pictures (of the police action against the media activists bus) are uploaded at indymedia.
Monday, June 11. 2007
Fireworks (Video)
There was a firework in sight of my window. Sadly it took me three minutes to get the camera in a stable position. Then, after one minute the battery was empty. Also the resolution was set to low.
So it's only a mini-video with three minutes shaking and one minute with a stable camera (note to self: next time load your cam after a longer trip).
Fireworks as OGG Theora/Vorbis (can be played with vlc)
So it's only a mini-video with three minutes shaking and one minute with a stable camera (note to self: next time load your cam after a longer trip).
Fireworks as OGG Theora/Vorbis (can be played with vlc)
(Page 1 of 1, totaling 4 entries)